
<!DOCTYPE html
  PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!DOCTYPE html><html xmlns="http://www.w3.org/1999/xhtml">
   <head>
      <meta charset="utf-8"></meta>
      <meta name="viewport" content="width=device-width, initial-scale=1.0"></meta>
      <title>8.7.&nbsp;Load LDAP - Chapter&nbsp;8.&nbsp;Database Integration</title>
      <link rel="stylesheet" type="text/css" href="../../docbook.css"></link>
      <link rel="stylesheet" type="text/css" href="//maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></link>
      <link rel="stylesheet" type="text/css" href="//cdn.datatables.net/1.10.13/css/jquery.dataTables.min.css"></link>
      <link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/font-awesome/4.1.0/css/font-awesome.min.css"></link>
      <link rel="stylesheet" type="text/css" href="//fonts.googleapis.com/css?family=Open+Sans:400,300,400italic,600,300italic"></link>
      <link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/codemirror/5.11.0/codemirror.min.css"></link>
      <link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/codemirror/5.11.0/theme/neo.min.css"></link>
      <link rel="stylesheet" type="text/css" href="../../css/chunked-base.css"></link>
      <link rel="stylesheet" type="text/css" href="../../css/extra.css"></link><script src="//code.jquery.com/jquery-1.12.4.js" type="text/javascript"></script><script src="//cdn.datatables.net/1.10.13/js/jquery.dataTables.min.js" type="text/javascript"></script><script src="//maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js" type="text/javascript"></script><script src="//cdnjs.cloudflare.com/ajax/libs/codemirror/5.11.0/codemirror.min.js" type="text/javascript"></script><script src="//cdnjs.cloudflare.com/ajax/libs/codemirror/5.11.0/addon/runmode/runmode.min.js" type="text/javascript"></script><script src="//cdnjs.cloudflare.com/ajax/libs/codemirror/5.11.0/mode/cypher/cypher.min.js" type="text/javascript"></script><script src="../../javascript/datatable.js" type="text/javascript"></script><script src="../../javascript/colorize.js" type="text/javascript"></script><script src="../../javascript/tabs-for-chunked.js" type="text/javascript"></script><script src="../../javascript/mp-nav.js" type="text/javascript"></script><script src="../../javascript/versionswitcher.js" type="text/javascript"></script><script src="../../javascript/version.js" type="text/javascript"></script><script src="//s3-eu-west-1.amazonaws.com/alpha.neohq.net/docs/new-manual/assets/search.js" type="text/javascript"></script><meta name="generator" content="DocBook XSL Stylesheets V1.79.1"></meta>
      <link rel="prev" href="../bolt-neo4j/" title="8.6.&nbsp;Bolt"></link>
      <link rel="next" href="../../utilities/" title="Chapter&nbsp;10.&nbsp;Utility Functions"></link>
      <link rel="shortcut icon" href="https://neo4j.com/wp-content/themes/neo4jweb/favicon.ico"></link><script>
        $(document).ready(function() {
          CodeMirror.colorize();
          tabTheSource($('body'));
          var $header = $('header').first();
          $header.prepend(
            $('<a href="" id="logo"><img src="https://neo4j.com/wp-content/themes/neo4jweb/assets/images/neo4j-logo-2015.png" alt="Neo4j Logo"></img></a>')
          );
          var $sidebar = $('<div id="sidebar-wrapper"></div>');
          $.get('toc.html', function (d){
            $(d).appendTo($sidebar);
            highlightToc();
            highlightLibraryHeader();
          });
          $sidebar.insertAfter($('header').first());
        });
        </script></head>
   <body>
      <header>
         <div class="searchbox">
            <form id="search-form" class="search" name="search-form" role="search"><input id="search-form-input" name="q" title="search" type="search" lang="en" placeholder="Search Neo4j docs..." aria-label="Search Neo4j documentation" max-length="128" required="required"></input><input id="search-form-button" type="submit" value="Search"></input></form>
         </div>
         <ul class="documentation-library">
            <li><a href="https://neo4j.com/docs/operations-manual/current">Operations Manual</a></li>
            <li><a href="https://neo4j.com/docs/developer-manual/current/">Developer Manual</a></li>
            <li><a href="https://neo4j.com/docs/ogm-manual/current/">OGM Manual</a></li>
            <li><a href="https://neo4j.com/docs/graph-algorithms/current/">Graph Algorithms</a></li>
            <li><a href="https://neo4j-contrib.github.io/neo4j-apoc-procedures/3.5/">APOC</a></li>
            <li><a href="https://neo4j.com/docs/java-reference/current/">Java Reference</a></li>
         </ul>
         <nav id="header-nav"><span class="nav-previous"><a accesskey="p" href="../bolt-neo4j/"><span class="fa fa-long-arrow-left" aria-hidden="true"></span>Bolt</a></span><span class="nav-current">
               <p class="nav-title hidden">8.7.&nbsp;Load LDAP</p></span><span class="nav-next"><a accesskey="n" href="../../utilities/">Utility Functions<span class="fa fa-long-arrow-right" aria-hidden="true"></span></a></span></nav>
      </header>
      <div id="search-results" class="hidden"></div>
      <section class="section" id="load-ldap">
         <div class="titlepage">
            <div>
               <div>
                  <h2 class="title" style="clear: both"><a class="anchor" href="#load-ldap"></a>8.7.&nbsp;Load LDAP
                  </h2>
               </div>
            </div>
         </div>
         <p>With 'apoc.load.ldap' you can execute queries on any LDAP v3 enabled directory, the results are turned into a streams of entries.
            The entries can then be used to update or create graph structures.
         </p>
         <p>Note this utility requires to have the <a class="link" href="https://mvnrepository.com/artifact/com.novell.ldap/jldap/2009-10-07" target="_top">jldap</a> library to be placed the plugin directory.
         </p>
         <div class="informaltable">
            <div class="table" id="d0e10414">
               <table class="informaltable" border="1">
                  <colgroup>
                     <col class="col_1"></col>
                     <col class="col_2"></col>
                     <col class="col_3"></col>
                  </colgroup>
                  <thead>
                     <tr>
                        <th style="text-align: left; vertical-align: top; ">procedure</th>
                        <th style="text-align: left; vertical-align: top; ">apoc.load.jdbcParams</th>
                        <th style="text-align: left; vertical-align: top; ">deprecated - please use: apoc.load.jdbc('key or url','',[params]) YIELD row - load from relational database, from a sql statement
                           with parameters
                        </th>
                     </tr>
                  </thead>
               </table>
            </div>
         </div>
         <section class="section" id="_parameters">
            <div class="titlepage">
               <div>
                  <div>
                     <h3 class="title"><a class="anchor" href="#_parameters"></a>8.7.1.&nbsp;Parameters
                     </h3>
                  </div>
               </div>
            </div>
            <div class="informaltable">
               <div class="table" id="d0e10430">
                  <table class="informaltable" border="1">
                     <colgroup>
                        <col class="col_1"></col>
                        <col class="col_2"></col>
                        <col class="col_3"></col>
                     </colgroup>
                     <thead>
                        <tr>
                           <th style="text-align: left; vertical-align: top; ">Parameter</th>
                           <th style="text-align: left; vertical-align: top; ">Property</th>
                           <th style="text-align: left; vertical-align: top; ">&nbsp;Description</th>
                        </tr>
                     </thead>
                     <tbody>
                        <tr>
                           <td style="text-align: left; vertical-align: top; ">
                              <p>{connectionMap}</p>
                           </td>
                           <td style="text-align: left; vertical-align: top; ">
                              <p><code class="literal">ldapHost</code></p>
                           </td>
                           <td style="text-align: left; vertical-align: top; ">
                              <p>the ldapserver:port if port is omitted the default port 389 will be used</p>
                           </td>
                        </tr>
                        <tr>
                           <td style="text-align: left; vertical-align: top; ">&nbsp;</td>
                           <td style="text-align: left; vertical-align: top; ">
                              <p><code class="literal">loginDN</code></p>
                           </td>
                           <td style="text-align: left; vertical-align: top; ">
                              <p>This is the dn of the ldap server user who has read access on the ldap server</p>
                           </td>
                        </tr>
                        <tr>
                           <td style="text-align: left; vertical-align: top; ">&nbsp;</td>
                           <td style="text-align: left; vertical-align: top; ">
                              <p><code class="literal">loginPW</code></p>
                           </td>
                           <td style="text-align: left; vertical-align: top; ">
                              <p>This is the password used by the loginDN</p>
                           </td>
                        </tr>
                        <tr>
                           <td style="text-align: left; vertical-align: top; ">
                              <p>{searchMap}</p>
                           </td>
                           <td style="text-align: left; vertical-align: top; ">
                              <p><code class="literal">searchBase</code></p>
                           </td>
                           <td style="text-align: left; vertical-align: top; ">
                              <p>From this entry a search is executed</p>
                           </td>
                        </tr>
                        <tr>
                           <td style="text-align: left; vertical-align: top; ">&nbsp;</td>
                           <td style="text-align: left; vertical-align: top; ">
                              <p><code class="literal">searchScope</code></p>
                           </td>
                           <td style="text-align: left; vertical-align: top; ">
                              <p>SCOPE_ONE (one level) or
                                                    SCOPE_SUB (all sub levels) or
                                                    SCOPE_BASE (only the base node)
                              </p>
                           </td>
                        </tr>
                        <tr>
                           <td style="text-align: left; vertical-align: top; ">&nbsp;</td>
                           <td style="text-align: left; vertical-align: top; ">
                              <p><code class="literal">searchFilter</code></p>
                           </td>
                           <td style="text-align: left; vertical-align: top; ">
                              <p>Place here a standard ldap search filter for example: (objectClass=*) means that the ldap entry must have an objectClass attribute.</p>
                           </td>
                        </tr>
                        <tr>
                           <td style="text-align: left; vertical-align: top; ">&nbsp;</td>
                           <td style="text-align: left; vertical-align: top; ">
                              <p><code class="literal">attributes</code></p>
                           </td>
                           <td style="text-align: left; vertical-align: top; ">
                              <p>optional. If omitted all the attributes of the entries will be returned.
                                                             When specified only the specified attributes will be returned. Regardless the attributes setting
                                 a returned entry will always have a "dn" property.
                              </p>
                           </td>
                        </tr>
                     </tbody>
                  </table>
               </div>
            </div>
            <section class="section" id="_load_ldap_example">
               <div class="titlepage">
                  <div>
                     <div>
                        <h4 class="title"><a class="anchor" href="#_load_ldap_example"></a>8.7.1.1.&nbsp;Load LDAP Example
                        </h4>
                     </div>
                  </div>
               </div>
               <p><span class="formalpara-title">Retrieve group member information from the ldap server.&nbsp;</span>
                  
               </p><pre class="programlisting highlight"><code data-lang="cypher">---
call apoc.load.ldap({ldapHost : "ldap.forumsys.com", loginDN : "cn=read-only-admin,dc=example,dc=com", loginPW : "password"},
{searchBase : "dc=example,dc=com",searchScope : "SCOPE_SUB"
,attributes : ["uniqueMember","cn","uid","objectClass"]
,searchFilter: "(&amp;(objectClass=*)(uniqueMember=*))"}) yield entry
return entry.dn,  entry.uniqueMember
---</code></pre><p>
                  
               </p>
               <div class="informaltable">
                  <div class="table" id="d0e10522">
                     <table class="informaltable" border="1">
                        <colgroup>
                           <col class="col_1"></col>
                           <col class="col_2"></col>
                        </colgroup>
                        <thead>
                           <tr>
                              <th style="text-align: left; vertical-align: top; ">entry.dn</th>
                              <th style="text-align: left; vertical-align: top; ">entry.uniqueMember</th>
                           </tr>
                        </thead>
                        <tbody>
                           <tr>
                              <td style="text-align: left; vertical-align: top; ">&nbsp;</td>
                              <td style="text-align: left; vertical-align: top; ">
                                 <p>"ou=mathematicians,dc=example,dc=com"</p>
                              </td>
                           </tr>
                           <tr>
                              <td style="text-align: left; vertical-align: top; ">
                                 <p><code class="literal">["uid=euclid,dc=example,dc=com", "uid=riemann,dc=example,dc=com", "uid=euler,dc=example,dc=com", "uid=gauss,dc=example,dc=com",
                                       "uid=test,dc=example,dc=com"]</code></p>
                              </td>
                              <td style="text-align: left; vertical-align: top; ">&nbsp;</td>
                           </tr>
                           <tr>
                              <td style="text-align: left; vertical-align: top; ">
                                 <p><code class="literal">"ou=scientists,dc=example,dc=com"</code></p>
                              </td>
                              <td style="text-align: left; vertical-align: top; ">&nbsp;</td>
                           </tr>
                           <tr>
                              <td style="text-align: left; vertical-align: top; ">&nbsp;</td>
                              <td style="text-align: left; vertical-align: top; ">
                                 <p>"ou=italians,ou=scientists,dc=example,dc=com"</p>
                              </td>
                           </tr>
                           <tr>
                              <td style="text-align: left; vertical-align: top; ">
                                 <p><code class="literal">"uid=tesla,dc=example,dc=com"</code></p>
                              </td>
                              <td style="text-align: left; vertical-align: top; ">&nbsp;</td>
                           </tr>
                           <tr>
                              <td style="text-align: left; vertical-align: top; ">
                                 <p><code class="literal">"ou=chemists,dc=example,dc=com"</code></p>
                              </td>
                              <td style="text-align: left; vertical-align: top; ">&nbsp;</td>
                           </tr>
                        </tbody>
                     </table>
                  </div>
               </div>
               <p></p>
               <p><span class="formalpara-title">Retrieve group member information from the ldap server and create structure in Neo4j.&nbsp;</span>
                  
               </p><pre class="programlisting highlight"><code data-lang="cypher">---
call apoc.load.ldap({ldapHost : "ldap.forumsys.com", loginDN : "cn=read-only-admin,dc=example,dc=com", loginPW : "password"},
{searchBase : "dc=example,dc=com",searchScope : "SCOPE_SUB"
,attributes : ["uniqueMember","cn","uid","objectClass"]
,searchFilter: "(&amp;(objectClass=*)(uniqueMember=*))"}) yield entry
merge (g:Group {dn : entry.dn})
on create set g.cn = entry.cn
foreach (member in entry.uniqueMember |
  merge (p:Person { dn : member })
  merge (p)-[:IS_MEMBER]-&gt;(g)
)
---</code></pre><p>
                  
               </p>
            </section>
            <section class="section" id="_credentials">
               <div class="titlepage">
                  <div>
                     <div>
                        <h4 class="title"><a class="anchor" href="#_credentials"></a>8.7.1.2.&nbsp;Credentials
                        </h4>
                     </div>
                  </div>
               </div>
               <p>To protect credentials, you can configure aliases in <code class="literal">conf/neo4j.conf</code>:
               </p>
               <p><span class="formalpara-title">neo4j.conf Syntax.&nbsp;</span>
                  
               </p><pre class="screen highlight"><code>apoc.loadldap.myldap.config=&lt;host&gt;:&lt;port&gt; &lt;loginDN&gt; &lt;loginPW&gt;</code></pre><p>
                  
               </p>
               <p><span class="formalpara-title">neo4j.conf:&nbsp;</span>
                  
               </p><pre class="screen highlight"><code>apoc.loadldap.myldap.config=ldap.forumsys.com:389 cn=read-only-admin,dc=example,dc=com password</code></pre><p>
                  
               </p>
               <p>Then</p><pre class="screen highlight"><code>call apoc.load.ldap({ldapHost : "ldap.forumsys.com", loginDN : "cn=read-only-admin,dc=example,dc=com", loginPW : "password"}
, {searchBase : "dc=example,dc=com"
  ,searchScope : "SCOPE_SUB"
  ,attributes : ["cn","uid","objectClass"]
  ,searchFilter: "(&amp;(objectClass=*))"
  }) yield entry
return entry.dn,  entry</code></pre><p>becomes</p><pre class="screen highlight"><code>call apoc.load.ldap("myldap"
,{searchBase : "dc=example,dc=com"
 ,searchScope : "SCOPE_SUB"
 ,attributes : ["cn","uid","objectClass"]
 ,searchFilter: "(&amp;(objectClass=*))"
 }) yield entry
return entry.dn,  entry</code></pre></section>
         </section>
      </section>
      <footer><script type="text/javascript">
          (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
            (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
          m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
          })(window,document,'script','//www.google-analytics.com/analytics.js','ga');
          //Allow Linker
          ga('create', 'UA-1192232-34','auto', {'allowLinker': true});
          ga('send', 'pageview');
          // Load the plugin.
          ga('require', 'linker');
          // Define which domains to autoLink.
          ga('linker:autoLink', ['neo4j.org','neo4j.com','neotechnology.com','graphdatabases.com','graphconnect.com']);
        </script><script type="text/javascript">
          document.write(unescape("%3Cscript src='//munchkin.marketo.net/munchkin.js' type='text/javascript'%3E%3C/script%3E"));
        </script><script>Munchkin.init('773-GON-065');</script></footer>
   </body>
</html>